Reported
March 31, 2004 by S-Quadra.
VERSIONS
AFFECTED
Cactusoft’s CactuShop
5.x
DESCRIPTION
Two vulnerabilities exist in
Cactusoft’s CactuShop 5.x shopping cart software, the most serious of which can
cause execution of arbitrary commands on the vulnerable system. These two
vulnerabilities consist of:
a SQL Injection condition in
the pages mailorder.asp and payonline.asp. An attacker who successfully
exploits this vulnerability can execute commands (via the Microsoft SQL
xp_cmdshell function) in the system security context.
a Cross Site Scripting
vulnerability in the script largeimage.asp. By injecting specially crafted
JavaScript code in the URL and tricking a user into visiting it, a potential
attacker could steal the user’s session ID and access the user's personal
data.
VENDOR
RESPONSE
The vendor,
CactuSoft, has not released a fix for these vulnerabilities.
CREDIT
Discovered by
Nick Gudov.
Multiple Vulnerabilities in Cactusoft’s CactuShop 5.x
2 comments
Hide comments